Reputation: 861
Heroku: Privacy error "Your connection is not private" is displayed
Privacy error Your connection is not private is displayed (with using Chrome) when I try to access the url which I registered as CNAME.
I developed Rails app, and this is the first time to use Heroku.
Although the error isn't displayed when I use the original url such as https://floating-fortress-99999.herokuapp.com/, the error is displayed when I use www.my_app.com which I get.
All of the error messages on the browser are as followings;
Your connection is not private
Attackers might be trying to steal your information from www.my_app.com (for example, passwords, messages, or credit cards).
NET::ERR_CERT_COMMON_NAME_INVALID
This server could not prove that it is www.my_app.com; its security certificate is from *.herokuapp.com. This may be caused by a misconfiguration or an attacker intercepting your connection.
I can display www.my_app.com when I click the link Proceed to www.my_app.com (unsafe) on the browser.
Is it possible to avoid displaying 'Privacy error' ?
It would be appreciated if you could give me how to avoid this error.
Upvotes: 7
Views: 7331
Answers (6)
Reputation: 93
For me, what worked was:
- Enforcing SSL in my app (built on Ruby on Rails)
- Adding to
GoDaddythe DNS record provided by Heroku's domain management.xxxx.herokuapp.comdid not work at all !
Upvotes: 0
Reputation: 11
For me I just needed to put https://sitename.herokuapp.com instead of heroku.com
Upvotes: 0
Reputation: 981
For anyone that might come across this -
I've worked for a company that used cisco anyconnect which also included Umbrella DNS protection.
It was systemwide (win 10) service that checked the urls and if (for whatever reason) decided it was dangerous, it showed the SSL error.
I just uninstalled the app since I did not need it anymore.
Upvotes: 1
Reputation: 161
You get "Your connection is not private" error while loading your Heroku application through a new domain name because the existing SSL certificate is not valid for it.
As you can see from the error message:
This server could not prove that it is www.my_app.com; its security certificate is from *.herokuapp.com.
It is only valid for *.herokuapp.com domain name, in this case, it can be your-app-name.herokuapp.com. When you create a new CNAME and use that domain name instead of your-app-name.herokuapp.com, the exisiting SSL certificate can't validate it and displays this error to you.
To bypass this SSL error temporarily, you can enter chrome://flags into Google Chrome address bar to access advanced settings, locate "Allow invalid certificates for resources loaded from localhost" and enable this. By doing so, you can turn off this waring temporarily on your browser (only).
The solution to resolve this issue permanently is to get a new SSL for your domain. You can use the SSL Endpoint add-on from Heroku to use a private SSL with your domain name. This add-on charges you $20 per month. For more details of this add-on, read it from here or here.
Another option is to use Heroku SSL, a free feature that Heroku is currently offering. It seems they want to replace SSL Endpoint by this one. To find out how to install SSL for your domain name with Heroku SSL, read this article from NameCheap.com.
Source: Fix Your Connection Is Not Private Error In Your Browser
Upvotes: 5
Reputation: 2509
Updated Answer in 2020
Heroku now has Automated Certificate Management for all tiers above the free tier that allows for a ridiculously easy setup to have https working for your website.
To set this up:
- In Heroku upgrade the tier to hobbyist or above (starting at $7/month)
- In the CLI run the command
heroku certs:auto:enable -a yourappname - In the CLI run command
heroku domains. You should get a list of your custom domains and a list of the their DNS targets. After running the commands above the DNS targets you get should end in.herokudns.cominstead of.herokuapp.com. - Now in your DNS (GoDaddy, or whatever DNS you are using) update the DNS to make sure that its pointed to the new
.herokudns.comapp instead of the generic.herokuapp.com
You might of course have to wait some time after finishing those steps for the DNS change to take effect. But now you have everything set up alright! Ta Da, you have DNS working for you!
For more info on any of those steps check heroku's article here
Upvotes: 8
Reputation: 11235
The issue is that you're most likely using force_ssl = true in your configuration, however you don't have a valid and authorized SSL certificate installed on your server.
To fix the error you have two possibilities:
- Disable SSL via
force_ssl = false(not recommended) - Purchase an SSL certificate issued from a certifying authority and install it on your server (such as nginx or Apache)
Upvotes: 4
Related Questions
- How to avoid the "Your connection is not private" screen when developing an HTTP2 site locally?
- SSL Localhost Privacy error
- Your connection is not private NET::ERR_CERT_COMMON_NAME_INVALID
- Chrome NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM Error on Windows
- Heroku + node.js error (Web process failed to bind to $PORT within 60 seconds of launch)
- Why does Chrome hate self-signed certificates so much?
- Heroku SSL added but visiting domain still says connection is not private
- NET::ERR_CERT_COMMON_NAME_INVALID after update to Chrome 44
- Connection is not private using Google Domains and Heroku
- Heroku SSL issue